CVE-2025-8037 Information

Jul 23, 2025 cve

Description

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability affects Firefox < 141 Firefox ESR < 140.1 Thunderbird < 141 and Thunderbird < 140.1.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1964767 https://www.mozilla.org/security/advisories/mfsa2025-56/ https://www.mozilla.org/security/advisories/mfsa2025-59/ https://www.mozilla.org/security/advisories/mfsa2025-61/ https://www.mozilla.org/security/advisories/mfsa2025-63/

CNNVD-202507-2932 (Published: 2025-07-22)

Share on:

CVE-2025-8037 Information

Description

Reference

Related CNNVD